JP2003298579A - Information processing apparatus, information processing method, program, and recording medium - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To certify the original nature against processing edit wherein contents of digital data are not substantially changed. <P>SOLUTION: The information processing apparatus produces a plurality of signature data from digital data to verify digital data and is provided with: a feature quantity calculation means (401) for calculating a plurality of different feature quantities from the digital data; a hash function generating means (402) for calculating a plurality of hash data from a plurality of the different feature quantities; and a signature generating means (402) for applying a prescribed arithmetic operation to a plurality of the hash data and generating a plurality of signature data. <P>COPYRIGHT: (C)2004,JPO

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a technique for detecting tampering by converting image information of an object to be photographed into digital data and adding tampering detection data to the digital data.

[0002]

2. Description of the Related Art In recent years, a video input device such as a digital camera for digitizing photographed information and recording it as a digital data on a recording medium or the like has been put into practical use instead of the conventional silver halide photograph or 8 mm film. This allows
It is now possible to transfer the photographed information itself to an information processing device such as a personal computer and display it. It became possible to instantly transmit video data anywhere in the country by using such a communication line. Therefore, the use of digital video data is being considered by insurance companies that handle evidence photographs in accident processing and construction companies that record the progress of construction sites. On the other hand, however, due to remarkable progress in data processing technology, it has become possible to easily edit digital data such as video data by using a photo retouching tool or a moving image editing tool. Therefore, the reliability of digital image data is lower than that of conventional silver halide photographs and the like, and there is a problem that the ability as evidence is poor.

Therefore, a video input device or system has been proposed which detects the falsification and forgery of video data when it is performed. For example, “DIGITAL CAMERA WITH
APPRARATUS FOR AUTHENTICATION OF IMAGES PRODUCED F
US Patent No. 5499294 named "ROM AN IMAGE" and Patent Application Publication No. named "Video Input Device and Video Input System": According to Japanese Patent Laid-Open No. 9-200730, confidential information unique to the video input device and the video input device Information for identifying the digital data by executing a predetermined calculation based on at least one of secret information peculiar to the external device to be connected and digital data photographed by the video input device and digitized, that is, The digital signature data is generated, and the digital signature data and the digital data photographed by the video input device and digitized are output from the video input device.

In the above publication, a hash function and public key cryptography are used to generate digital signature data. Public key cryptography will be described later. What is a digital signature?
The sender sends the signature data corresponding to the data together with the data, and the receiver verifies the signature data to confirm the validity of the data. Confirmation of the validity of data using a hash function and public key cryptography for digital signature data generation is as follows, and this is the method of the above publication.

When the secret key is Ks and the public key is Kp, the sender performs an operation of compressing the plaintext data M with a hash function to calculate an output h of a constant length. Next, an operation for converting h with the secret key Ks to create the digital signature data s, that is, D (Ks, h) = s is performed. Then, the digital signature data s and the plaintext data M are transmitted. On the other hand, the receiver converts the received digital signature data s with the public key Kp, that is, E (Kp, s) = E (Kp, D (Ks, h ")) = h" and the received plaintext data M. 'Compress with the same hash function as the caller
The calculation for calculating h ′ is performed, and if h ′ and h ″ match, the received data M ′ is judged to be valid.

When the plaintext data M has been tampered with during transmission and reception, E (Kp, s) = E (Kp, D (Ks, h ")) = h" and the received plaintext data M'is transmitted. Compressed with the same hash function as
Tampering can be detected because h'does not match. Here, if the digital signature data s is also falsified in accordance with the falsification of the plaintext data M, the falsification cannot be detected. However, this requires the plaintext data M to be obtained from h, and such calculation is impossible due to the one-way property of the hash function.

Next, the hash function will be described. The hash function is used for speeding up the generation of the digital signature. The hash function has a function of processing the plaintext data M of an arbitrary length and outputting the output h of a fixed length. Here, the output h is referred to as a hash value of the plaintext data M (or message digest, digital fingerprint).

As the properties required for the hash function, one-way property and collision resistance are required. One-way property means that it is difficult to calculate the plaintext data M such that h = H (M) when h is given. Conflict resistance means that when plaintext data M is given, it is difficult to calculate plaintext data M '(M ≠ M') such that H (M) = H (M ') and H (M) It is difficult to calculate the plaintext data M and M'where = H (M ') and M ≠ M' in terms of computational complexity. MD-2, MD-4, MD-5, SHA-1, R as the hash function
IPEMD-128, RIPEMD-160 and the like are known, and these algorithms are open to the public.

Next, public key encryption will be described. Public key cryptography is an encryption method in which the encryption key and the decryption key are different, the encryption key is open, and the decryption key is kept secret. The characteristics of public key cryptography are as follows: (a) Since the encryption key and the decryption key are different and the encryption key can be disclosed, it is not necessary to secretly distribute the encryption key, and the key distribution is easy. (b) Since each user's encryption key is open to the public, each user need only secretly store his own decryption key. (c) It is possible to realize an authentication function for the receiver to confirm that the sender of the sent communication text is not an impostor and that the communication text has not been tampered with. Is mentioned.

For example, with respect to the plaintext data M, the encryption operation using the public encryption key Kp is E (Kp, M), and the decryption operation using the secret decryption key Ks is D (Ks, M). Then, the public key cryptographic algorithm first satisfies the following two conditions. (1) Given Kp, the calculation of E (Kp, M) is easy. Given Ks, the calculation of D (Ks, M) is easy. (2) If you don't know Ks, the calculation procedure of Kp and E
Even if we know C = E (Kp, M), it is difficult to determine M in terms of computational complexity.

Next, secret communication can be realized by satisfying the following condition (3) in addition to the above (1) and (2). (3) E (Kp, M) can be defined for all plaintext data M, and D (Ks, E (Kp, M)) = M holds. In other words, since Kp is open to the public, anyone can calculate E (Kp, M), but it is a secret that D (Ks, E (Kp, M)) can be calculated to obtain M. Only the person who has the key Ks. On the other hand, in addition to the above (1) and (2), the authentication communication can be realized by satisfying the following condition (4).

(4) For all plaintext data M, D (Ks,
M) can be defined, and E (Kp, D (Ks, M)) = M holds. In other words, only the person who has the secret key Ks can calculate D (Ks, M), and another person calculates D (Ks ', M) using the fake secret key Ks' and calculates Ks. Even if the user impersonates himself, E (Kp, D (Ks', M)) ≠ M, so the recipient can confirm that the received information is incorrect. Even if D (Ks, M) is tampered with, E (Kp, D (Ks,
Since M) ′) ≠ M, the receiver can confirm that the received information is incorrect.

RSA encryption, R encryption, W encryption and the like are known as typical examples capable of performing the secret communication and the authentication communication. Here, the encryption / decryption of the RSA encryption which is most frequently used at present is expressed by the following equation. Encryption: Encryption key (e, n) Encryption transformation C = M ^e (mod n) Decryption: Decryption key (d, n) Decryption transformation M = C ^d (mod n) n = p ・ q (where p , Q are large different prime numbers) As described above, the digital signature data is calculated using the hash function and the public key cryptosystem for the input digital data, and the digital signature data is added to the input digital data to obtain the image. -It is possible to realize originality proof and falsification detection of input digital data such as music, documents and moving images.

[0014]

However, when the conventional digital signature technique described above is used, even if one sample of the input digital data changes, it is virtually detected as falsification. Therefore, taking an image as an example, it is detected as falsification even if the contents of the image are not necessarily changed, such as JPEG recompression, γ correction, and extraction of a reduced image. Therefore, when verifying the originality, Cannot edit the signed image at all, and lacks flexibility as a falsification detection system, and it is desired to improve convenience.

The object of the present invention is to convert digital data from
Calculating a plurality of different characteristic quantities, generating a digital signature from the characteristic quantities, adding the digital signature data to a predetermined position of a file storing the digital data,
It is to make it possible to prove the originality in the editing process in which the content of the digital data is essentially unchanged.
Another object of the present invention is to add a digital signature using a plurality of different feature amounts and introduce a ranking based on a plurality of digital signatures, thereby to confirm the degree of editing added to the digital data and the reliability of the digital data. It is possible to evaluate sex. Still another object of the present invention is to divide the digital data into blocks and process the blocks so that not only the degree of tampering but also the position can be specified.

[0016]

According to one aspect of the present invention, there is provided an information processing device for generating a plurality of signature data from digital data for verifying the digital data, wherein the digital data includes: A feature amount calculating means for calculating a plurality of different feature amounts, a hash function generating means for calculating a plurality of hash data from the plurality of different feature amounts, and a predetermined calculation for the plurality of hash data, An information processing apparatus is provided, which comprises: According to another aspect of the present invention, there is provided an information processing device for verifying digital data using a plurality of signature data, the feature amount calculating means calculating a plurality of different feature amounts from the digital data, Hash function generation means for calculating a plurality of first hash data from the plurality of different feature amounts, signature data input means for inputting a plurality of initial generation signature data relating to the digital data, and a plurality of initial generation signature data On the other hand, a signature verification calculation unit that performs a predetermined calculation to generate a plurality of second hash data, and a comparison unit that compares the plurality of first hash data and the second hash data and outputs a comparison result. And a multi-step level display means for displaying the verification result of the digital data in multi-step levels based on the comparison result. The information processing apparatus is provided to. According to still another aspect of the present invention, there is provided an information processing apparatus for modifying digital data of a digital file including signature data and digital data for verifying the digital data, the predetermined information of the digital file. Signature data reading means for reading a plurality of signature data from a position, parameter reading means for reading a parameter of the digital data from a predetermined position of the digital file, and originality of the digital data can be verified by using the parameters Parameter determining means for determining the appropriate parameter, modifying means for modifying the digital data while maintaining the originality of the digital data according to the modifying parameter, and digital data after modifying all or part of the signature data. Predetermined file The information processing apparatus is provided, characterized in that it comprises a signature data adding means for adding the location. According to still another aspect of the present invention, there is provided an information processing method for generating a plurality of signature data from digital data for verifying the digital data, wherein a plurality of different feature quantities are calculated for the digital data. Characteristic amount calculating step, a hash function generating step for calculating a plurality of hash data from the plurality of different characteristic amounts, and a signature for performing a predetermined operation on the plurality of hash data to generate a plurality of signature data. An information processing method, comprising: a data generating step. According to still another aspect of the present invention, there is provided an information processing method for verifying digital data using a plurality of signature data, wherein a characteristic amount calculating step of calculating a plurality of different characteristic amounts from the digital data. A hash function generating step of calculating a plurality of first hash data from the plurality of different characteristic amounts; a signature data inputting step of inputting a plurality of initial generation signature data relating to the digital data; and a plurality of initial generation signatures. The signature verification calculation step of performing a predetermined calculation on the data to generate a plurality of second hash data and the plurality of first hash data and the second hash data are compared, and a comparison result is output. A comparison step and a multi-step level for displaying the verification result of the digital data at multi-step levels based on the comparison result. The information processing method characterized by comprising a display step is provided. According to still another aspect of the present invention, a digital file including signature data and digital data,
An information processing method for modifying digital data, comprising: a signature data reading step of reading a plurality of signature data from a predetermined position of the digital file; and a parameter of the digital data from a predetermined position of the digital file. Parameter reading step, a change parameter determining step for determining a parameter that can verify the originality of the digital data using the parameter, and the originality of the digital data is maintained according to the changing parameter And a signature data adding step for adding all or a part of the signature data to a predetermined position of the changed digital file. According to still another aspect of the present invention, a computer program for controlling an information processing apparatus for generating a plurality of signature data from digital data for verifying digital data, wherein A feature amount calculating step of calculating a plurality of different feature amounts, a hash function generating step of calculating a plurality of hash data from the plurality of different feature amounts, and a predetermined operation for the plurality of hash data, A program for causing a computer to execute the signature data generating step of generating the signature data of 1.
According to still another aspect of the present invention, a computer program for controlling an information processing device for verifying digital data using a plurality of signature data,
A feature amount calculating step of calculating a plurality of different feature amounts from the digital data, a hash function generating step of calculating a plurality of first hash data from the plurality of different feature amounts, and a plurality of initial generation signatures related to the digital data A signature data input step of inputting data, a signature verification calculation step of generating a plurality of second hash data by performing a predetermined calculation on the plurality of initially generated signature data, and the plurality of first hashes A computer performs a comparison step of comparing the data and the second hash data and outputting a comparison result, and a multi-step level display step of displaying the verification result of the digital data at multi-step levels based on the comparison result. A program will be provided to allow this. According to still another aspect of the present invention, there is provided a computer program for controlling an information processing device for modifying digital data of a digital file including signature data and digital data, the computer program comprising: A signature data reading step of reading a plurality of signature data from a position, a parameter reading step for reading a parameter of the digital data from a predetermined position of the digital file, and the originality of the digital data can be verified by using the parameter A change parameter determining step for determining a proper parameter, and maintaining the originality of the digital data according to the change parameter,
A modifying step for modifying the digital data;
A program for causing a computer to execute a signature data adding step for adding all or a part of the signature data to a predetermined position of the changed digital file is provided. According to still another aspect of the present invention, there is provided a computer-readable recording medium in which the above program is recorded.

According to the present invention, from digital data,
A plurality of different characteristic amounts are calculated, and a digital signature is generated from the characteristic amounts. Further, the digital signature data is added to a predetermined position of a file storing the digital data. As a result, it becomes possible to prove the originality of the original file for processing and editing in which the contents of the digital data are essentially unchanged, and the convenience of the digital file to which the digital signature is added can be improved.

[0018]

BEST MODE FOR CARRYING OUT THE INVENTION <First Embodiment> First, a digital signature generating means for generating digital signature data according to a first embodiment of the present invention will be described with reference to FIG. Digital data input from a digital camera, a digital video camera or the like is first input to the hash function generating means 101. Hash function generating means 10
In 1, the hash value is calculated from the digital data by using the hash function, and the hash value is input to the signature generation calculation means 102 in the subsequent stage. When performing the arithmetic processing using the public key cryptosystem, the signature generation arithmetic means 102 performs arithmetic processing on the hash value using the secret key to generate digital signature data. When the common encryption key method is used, the common data (secret key) required for encryption / decryption is used to perform an arithmetic operation on the hash value to generate digital signature data. Generated digital signature data 111
Is added to a predetermined position such as a header in the file 110 that stores the digital data 112.

Next, a digital signature verification apparatus for verifying a digital signature will be described with reference to FIG. First, the digital signature data 111 is read from a predetermined position in the file 110 that stores the digital data 112,
It is input to the signature verification calculation means 201. In the signature verification calculation means 201, when the calculation processing is performed by using the public key cryptosystem, the calculation processing is performed on the digital signature data by using the public key, the hash value is restored, and the comparison means 20 at the subsequent stage is executed.
Enter in 3. When the common encryption key method is used, the digital signature data is arithmetically processed using the common data (secret key) required for encryption / decryption, the hash value is restored, and the result is input to the comparison means 203 at the subsequent stage. To do.

Next, the digital data 112 is read from a predetermined position in the file 110 for storing the digital data and input to the hash function generating means 202. The hash function generating means 202 calculates a hash value from the digital data using the hash function, and inputs it to the comparing means 203 in the subsequent stage. The comparison unit 203 compares the hash value input from the signature verification calculation unit 201 with the hash value input from the hash function generation unit 202,
If the two hash values are the same, a true value (for example, 1) is output as the verification result, and if the two hash values are not the same, a false value (for example, 0) is output as the verification result. To do. By using the above digital signature verification device, it is possible to detect falsification of digital data.

Hereinafter, in this specification, the description of "generating a digital signature" means calculating the digital signature data from the digital data by using the digital signature generation means, as described with reference to FIG. The description "verify the digital signature" means to verify the signed digital data by using the digital signature verification means as described in FIG.

In the present embodiment, in order to make the description easy to understand, image data 301 as shown in FIG. 3 will be described as an example of digital data. Further, when the common key cryptosystem is used, the common data (secret key in the common key cryptosystem) necessary for verifying the digital signature can be safely distributed to the verifier through the network. Now, a digital signature for detecting falsification is calculated for the image data 301, but the digital signature may be calculated from the entire image data 301, or the image data is divided into blocks like 302, A digital signature may be calculated for each unit.

In the present embodiment, the case where the digital signature is calculated for each block will be described, but the case where the digital signature is calculated from the entire image is also within the scope of the present invention. If you calculate the digital signature for each block,
There is an advantage that the falsification position can be specified in block units.

In the present specification, the digital signature data which becomes the same digital signature data before and after the image change will be referred to as robust digital signature data for the image change without largely changing the image content. To do.
The robust digital signature data has an advantage that the originality of the digital data can be guaranteed as long as the digital data to which the signature is applied is processed / edited within a range that does not impair the contents of the digital data.

First, the robust digital signature generation means will be described with reference to FIG. The robust digital signature generation means 400 comprises a feature amount calculation means 401 and a digital signature generation means 402. The robust digital signature generation means 400 has a configuration in which the feature amount calculation means 401 is arranged in the preceding stage of the digital signature generation means of FIG. First, digital data is input to the feature amount calculation means 401. The characteristic amount calculation means 401 calculates the characteristic amount of the input digital data.
At this time, the feature amount calculation means 401 generates a feature amount that does not change stably (robust) unless the expression content of the digital data changes significantly. A specific example of the feature amount calculation means 401 will be described later in detail.

Next, the feature amount of each block output from the feature amount calculating means 401 is input to the digital signature generating means 402 in the subsequent stage. As already described with reference to FIG. 1, the digital signature generating means 402 executes a hash function on the input feature amount of each block, and when the public key cryptosystem is used, the secret key is used and the common key is used. When the encryption method is used, digital signature data is generated using common data (secret key) required for encryption / decryption. In this specification, the digital signature data for the above-described feature amount is referred to as robust digital signature data.

In FIG. 6, in the signature verification calculation means 601, when the calculation processing is performed using the public key cryptosystem, the calculation processing is performed on the robust digital signature data using the public key to restore the hash value, Comparison means 60 in the latter stage
Enter in 3. When the common encryption key method is used, the robust digital signature data is arithmetically processed using the common data (secret key) necessary for encryption / decryption, the hash value is restored, and the comparison means 603 in the subsequent stage performs the calculation. input.

FIG. 5 is a block diagram showing the internal structure of a robust digital signature adding apparatus for adding robust digital signature data to an image. First, the image data is input to the block division unit 501, and the block unit image divided into blocks as shown in FIG. 3 is output to the robust digital signature generation unit 502. Note that the block dividing unit 501 does not necessarily have to exist as described above. The robust digital signature generation means 502 generates robust digital signature data for each block and outputs it to the robust digital signature adding means 503 in the subsequent stage.
The above process is repeated for all blocks to calculate robust digital signatures for all block unit images.

The robust digital signature adding means 503 adds the robust digital signature data to a predetermined position of the image file. At this time, the robust digital signature data is added to a predetermined position (comment column or signature column) of the image file in association with the position of the block unit image so that the tampered block unit image can be identified. Further, the feature amount calculation method / parameter may be added to a predetermined position of the image file as needed. The robust digital signature adding device has been described above.

Next, the robust digital signature verification apparatus will be described with reference to FIG. The robust digital signature verification device has a configuration in which the feature amount calculation means 604 is arranged in front of the hash function generation means of the digital signature verification device of FIG. The characteristic amount calculation means 604 is the same as the characteristic amount calculation means 401 in the robust digital signature generation means 400 of FIG.

In FIG. 6, the means having the same name as the digital signature verification apparatus of FIG. 2 performs the same processing as that of the digital signature verification apparatus of FIG. First, in the robust digital signature verification device of FIG. 6, the robust digital signature data is read from a predetermined position of the digital data file to which the robust digital signature has been applied, and the signature verification calculation means 6
Enter 01. In the signature verification calculation unit 601, when the calculation process is performed using the public key cryptosystem, the robust digital signature data is calculated using the public key to restore the hash value and input to the comparison unit 603 in the subsequent stage. To do. When the common encryption key method is used, the robust digital signature data is arithmetically processed using the common data (secret key) necessary for encryption / decryption, the hash value is restored, and the comparison means 603 in the subsequent stage performs the calculation. input. The hash value restored here is the hash value of the feature amount calculated from the block unit image.

Next, the digital data is read from a predetermined position of the digital data file to which the robust digital signature is applied, and is input to the characteristic amount calculating means 604. The characteristic amount calculation means 604 performs the same processing as the characteristic amount calculation means 401 of the robust digital signature generation means 400 of FIG. 4, and outputs the characteristic amount to the hash function generation means 602 in the subsequent stage. The hash function generating means 602 calculates the hash value from the digital data using the hash function, and inputs it to the comparing means 603 in the subsequent stage. Comparison means 603
Then, the hash value input from the signature verification calculation unit 601 is compared with the hash value input from the hash function generation unit 602. If the two hash values are the same, a true value (for example, 1) is output as the verification result, and if the two hash values are not the same, a false value (for example, 0) is output as the verification result. To do. The robust digital signature verification device outputs a result that the verification result is true (the originality is verified) as long as the feature value calculated by the feature value calculation means does not change. The robust digital signature verification device has been described above.

Next, by combining the digital signature device and the robust digital signature device described above, a multi-level robust digital signature adding device and a multi-level robust digital signature capable of determining the level of tampering with an image or the level reliable as an original. The verification device will be described. The multi-level robust digital signature adding device will be described below with reference to FIG. In the multi-level robust digital signature adding device, FIG.
Similarly, the image data is input to the block dividing unit 701 to generate a block-divided block unit image.
Next, the block-divided block unit image is divided into blocks and the multi-level robust digital signature generation means 70 is executed.
Entered in 2. Unlike the robust digital signature generating means 400 of FIG. 4, the multi-level robust digital signature generating means 702 generates a plurality of robust digital signatures (which may include digital signatures) for one block unit image.

Finally, the multi-level robust digital signature adding means 703 adds a plurality of robust digital signature data to a predetermined position (comment column or signature column) in the image file. At this time, a plurality of robust digital signature data are added to the image file by associating the position information with the digital signature so that the falsified block unit image can be identified. Further, the feature amount calculation method / parameter may be added to a predetermined position of the image file as needed.

FIG. 8 is a diagram showing an example of the internal configuration of the multi-level robust digital signature generation means 702.
Hereinafter, the internal configuration will be described in detail. First, the block unit image is input to the digital signature generation means 801, the first robust digital signature generation means 802 and the second robust digital signature generation means 803. The block unit image input to the digital signature generation unit 801 may be an image represented in a spatial domain, or may be a coefficient value after image conversion represented by frequency conversion (discrete wavelet transform or discrete cosine transform). The digital signature generation means 801 uses a hash function and a public key encryption method (common encryption key method) and uses the digital signature data 0.
To generate. First robust digital signature generation means 80
2, the robust digital signature generating means 400 of FIG.
As described above, the robust digital signature is calculated from the feature amount of the input block unit image, and the digital signature data 1 is generated. The second robust digital signature generation means 803 is also the first robust digital signature generation means 8
Similarly to 02, the robust digital signature is calculated from the feature amount of the input block unit image, and the digital signature data 2 is generated.

Although FIG. 8 shows an example in which the digital signature data 0, the digital signature data 1 and the digital signature data 2 are generated, a plurality of different robust digital signature data (which may include the digital signature data) may be used. , Digital signature data 0 and digital signature data 1 alone, or a plurality of robust digital signature data. Note that the feature amount calculating means inside the first robust digital signature generating means 802 and the feature amount calculating means inside the second robust digital signature generating means 803 are means for calculating different feature amounts. A specific example of calculating different feature amounts will be described later in detail.

In the case of FIG. 8, digital signature generating means 80
The data input to 1 is data representing the entire block unit image. Therefore, if any change is made to the block unit image, the digital signature data 0 is very likely to take a different value. Therefore, the digital signature 0 is effective in strictly checking the originality and falsification.

Next, the digital signature data 1 is robust digital signature data after the calculation of the characteristic amount, and is robust digital signature data which is less sensitive to changes other than the image contents as compared with the digital signature data 0. .

Next, although the digital signature data 2 is the robust digital signature data after the feature amount calculation as in the digital signature data 1, the digital signature data 1
It is robust digital signature data that is less sensitive to changes other than image contents.

As described above, the digital signature data 0,
Reference numerals 1 and 2 are digital signature data capable of determining the originality and the level of falsification based on different standards.
The multi-level robust digital signature adding device has been described above.

Next, a multi-level robust digital signature verification device will be described. The multi-level robust digital signature verification device is a device that reads multi-level robust digital signature data added at a predetermined position of a digital data file and verifies the originality and falsification level of the digital data.

FIG. 9 is a block diagram of a multi-level robust digital signature verification device. First, a block unit image that is a verification unit is input to the multi-level robust digital signature verification device. The input block unit image is input to the digital signature verification means 901, the first robust digital signature verification means 902, and the second robust digital signature verification means 903.

The digital signature verification means 901, the first robust digital signature verification means 902, and the second robust digital signature verification means 903 respectively input the digital signature verification means, the robust digital signature verification means, and the robust digital signature verification means, The originality is verified for each input block unit image, and the verification results R0, R1, and R2 are output to the reliability conversion unit 904 in the subsequent stage. The reliability conversion means 904 calculates the reliability consisting of multi-step levels for the input block unit image (or the entire image) based on the plurality of input verification results R0, R1, R2, and the subsequent stage. Is input to the reliability display unit 905. The reliability display unit 905 displays the reliability calculated in the previous stage to the image verifier.

A display example of the reliability display means 905 will be described with reference to FIG. It is assumed that 1001 in FIG. 10 is an image in which alteration is added to FIG. Reliability display means 905
Then, the reliability calculated for each corresponding block unit image like 1002 may be displayed. In 1002, the smaller the numerical value, the higher the reliability, and the larger the numerical value, the lower the reliability. Also, not a numerical value, 1
As shown in 003, the reliability may be displayed visually using a color or a pattern. At this time, in order to make the tampered portion easy to understand, the verification target image 1001 may be displayed by overlaying 1002 or 1003. The multi-level robust digital signature verification device has been described above.

Next, the internal processing of the robust digital signature generating means 400 of the multi-level robust digital signature adding device will be specifically described. In recent years, digital cameras and digital video have been widely used in households as input devices for digital data. Since the volume of digital data of still images / moving images is very large, the above input device handles compressed image data. Therefore, it is necessary to add / verify a digital signature to the compressed image data.

In the present embodiment, a case will be described in which a digital signature is added / verified to JPEG2000 compression-encoded image data which is expected to become a standard for still image compression technology in the future. First of all, JPEG20
The outline of the compression method of 00 will be briefly described. JP
A block diagram of the image coding apparatus of the EG2000 is shown in the upper part of FIG. First, pixel signals forming an image to be encoded are input to the image input unit 1101 in raster-scan order, and the output thereof is input to the discrete wavelet transform unit. The discrete wavelet transform unit 1102 performs a two-dimensional discrete wavelet transform process on the input image signal, calculates a transform coefficient, and outputs it. Since the details of the discrete wavelet transform are known, the description is omitted here.

FIG. 12 shows an example of the structure of a two-level conversion coefficient group obtained by a two-dimensional conversion process. The image signal is decomposed into coefficient sequences HH1, HL1, LH1, ..., LL in different frequency bands. In the following description, these coefficient sequences will be called subbands. The coefficient of each subband is stored in the subsequent quantizer 110.
3 is output. The quantizer 1103 quantizes the input coefficient by a predetermined quantization step and outputs an index for the quantized value. The transform coefficient input to the quantization unit 1103 is output as it is to the entropy encoding unit 1104 that follows. The entropy coding unit 1104 decomposes the input quantization index into bit planes, performs binary arithmetic coding on a bit plane basis, and outputs a code stream. The code output unit 1105 can output a code string including a code stream to the code input unit 1106 via a transmission path.

Next, a method of decoding the bit stream generated by the above-described image coding device will be described. The lower part of FIG. 11 is a block diagram showing the configuration of the image decoding apparatus. 1106 is a code input unit, 1107 is an entropy decoding unit, 1108 is an inverse quantization unit, 1109 is an inverse discrete wavelet transform unit, and 1110 is an image output. It is a department. The code input unit 1106 inputs a code string, analyzes a header included in the code string, extracts parameters necessary for subsequent processing, controls the flow of processing when necessary, or applies to a subsequent processing unit. It sends parameters. Also, the bitstream included in the code string is output to the entropy decoding unit 1107. The entropy decoding unit 1107 decodes the bitstream in bit plane units and outputs it. The restored quantization index is output to the inverse quantizer 1108.

The inverse quantizer 1108 restores the discrete wavelet transform coefficient from the input quantization index and the quantization table 1111 read from the header. The transform coefficient is the inverse discrete wavelet transform unit 11 that follows.
It is output to 09. Inverse discrete wavelet transform unit 110
In 9, the two-dimensional inverse discrete wavelet transform is executed,
The original image signal is restored from the transform coefficient. At this time, JP
If the perfect reconstruction condition in EG2000 is satisfied, the restored image signal matches the original image signal. The image output unit 1110 outputs the restored image signal. that's all,
The JPEG2000 compression method has been briefly described.

Hereinafter, the discrete wavelet transform will be abbreviated to DWT. In the present embodiment, the feature amount calculation unit 402 in the robust digital signature generation unit 400 uses the quantized DWT coefficient in the JPEG2000 compression encoding for the calculation of the feature amount. For the sake of simplicity, a reversible filter will be used as the discrete wavelet filter.

FIG. 13 shows a quantization table used in the quantization unit 1103. This quantization table 1300
Before applying the multi-level robust digital signature,
It is assumed that this is the quantization table used for image compression.
In JPEG2000, the quantization step is constant for each subband. Further, in FIG. 13, the coefficient values of the quantization table are omitted. Quantization table 1301, 1
Reference numerals 302 are quantization tables for realizing medium compression and high compression (low image quality), respectively.
It is assumed that the quantization steps of the portions surrounded by black frames 01 and 1302 are the same as the quantization steps of the quantization table 1300.

In the present embodiment, the feature quantity calculation means 401 of the robust digital signature generation means 400 uses discrete wavelet transform, quantization using a predetermined quantization table, and quantization of a predetermined area in the quantized DWT coefficient. DW
The T coefficient is extracted. Second-stage digital signature generation means 4
In 02, digital signature data is generated from the extracted quantized DWT coefficient of the predetermined area. Here, the predetermined quantization table is a quantization table having a common quantization step in a predetermined area with the quantization table used in the JPEG2000 compressed image that is the target of digital signature data generation. The predetermined area is an area having the same quantization step as the quantization table used in the JPEG2000 compressed image which is the target of digital signature data generation. (The black frame in FIG. 13 corresponds to the predetermined area.)

The processing of the multi-level robust digital signature adding device will be specifically described below. Now, consider adding a multi-level robust digital signature data to the JPEG2000 compressed image file A compressed using the quantization table 1300 using a multi-level robust digital signature adding device. First, in the digital signature generation unit 801, the entire pixel value of the block unit image (or the quantized D corresponding to the block unit image is used).
WT coefficient) to generate digital signature data 0. Next, the first robust digital signature generation means 802
Then, among the quantized DWT coefficients of the JPEG2000 compressed image file A, the quantized DWT coefficients corresponding to the black frame of the quantization table 1301 are processed to generate the digital signature data 1. Next, in the second robust digital signature generating means 803, the quantization table 13 among the quantized DWT coefficients of the JPEG2000 compressed image file A is quantized.
The corresponding quantized DWT coefficient in the black frame of 02 is processed to generate digital signature data 2.

The digital signature data 0, 1 and 2 are added to a predetermined position of the image file to obtain a signed image file A '. Next, the quantization table 130 is added to the digitally signed image file A ′.
Consider recompression using 3. This compression is not a change that significantly changes (alters) the image content. The quantization step in the black frame of the quantization table 1303 is the same as the quantization step in the corresponding position of the quantization table 1300. As a result of the recompression, the compressed image file A ″ is generated, but it is assumed that the multi-level robust digital signature added to the predetermined position of the image file A ′ is succeeded to the image file A ″. Next, the image file A ″ recompressed using the quantization table 1303 is verified by using the multi-level robust digital signature verification device of FIG.

Inside the digital signature verification means 901, the hash value calculated from the block unit image and the hash value calculated from the digital signature read from a predetermined position of the file have different values. This is because the quantization table used for recompression and the quantization step at the corresponding position before recompression take different values, and the DWT after quantization is different.
This is because the coefficient changes.

First robust digital signature generating means 90
Inside 2, the hash value calculated from the block unit image and the hash value calculated from the digital signature read from the predetermined position of the file do not change even by recompression. This is because the quantization step in the black frame of the quantization table 1301 is the same as the quantization step at the corresponding position before recompression, and the quantized DWT coefficient does not change.

Second robust digital signature generating means 90
3, the hash value calculated from the block unit image and the hash value calculated from the digital signature read from a predetermined position of the file do not change even by recompression. This is because the quantization step in the black frame of the quantization table 1302 is the same as the quantization step at the corresponding position before recompression, and the quantized DWT coefficient does not change.

Therefore, in the reliability conversion means 904,
From the above verification results, it is possible to convert the degree of reliability to medium, although not the highest. The reliability display means 905 may display the reliability level as described above, or may display a message such as "may be recompressed, but image contents have not been tampered with" in the image file. May be displayed to the verifier. The verification of the originality when the image data to which the multi-level robust digital signature data is added is recompressed has been described above.

In JPEG2000, the property of the discrete wavelet transform is used, and SNR scalability (a function of retaining a high-definition image from a rough image quality) and spatial scalability (a function of retaining a high-resolution image from a low-resolution image). ) And other functions can be realized. Therefore,
As described below, not only the reliability of the recompressed image but also the reliability of the reduced image can be determined.

The case where the reliability of the reduced image is determined will be described below. When the spatial scalability function of JPEG2000 is used, the original image 1401 shown in FIG. 14 is 1 from all the unquantized DWT coefficients.
The reduced image 1402 of / 4 is the DW inside the black frame 1301.
From the T coefficient, the reduced image 1403 of 1/16 is 1302
It is known that can be restored from the DWT coefficient inside the black frame of. (It is necessary to use a reversible discrete wavelet filter without quantization.)

Therefore, when the robust digital signature data is calculated from the DWT coefficient at the position corresponding to the black frame of the quantization table 1301, it can be used for the reliability judgment of the reduced image of 1/4 of the signature image. Similarly, the robust digital signature data calculated from the DWT coefficient at the position corresponding to the black frame of the quantization table 1302 can be used for the reliability determination of the reduced image of 1/16 of the signature image.

As described above, the use of the multi-level robust digital signature greatly overcomes the conventional problem that only the digitally signed digital data can be used for the reliability determination, and the reliability determination is performed even for a reduced image. Will be possible. This makes it possible to verify the originality of digital data by using a reduced image without presenting the digitally signed digital data itself, and it is possible to greatly expand the uses of digitally signed digital data. Becomes In addition, it is possible to add / verify a multi-level robust digital signature to a JPEG2000 compression-encoded image that is losslessly compressed.

In the case of the above lossless compression, the quantization table 1300 is a table that does not perform quantization, and the quantization tables 1301 and 1302 are quantization tables that do not perform quantization within a black frame. Even in this case, it is needless to say that the image can be verified by using the multi-level robust digital signature as described above.

Further, in JPEG2000, in entropy coding, it is possible to perform quantization by cutting off the lower bit plane for each subband. However, the multilevel robust digital signature adding / verifying apparatus according to the present embodiment. Can also support the quantization in the entropy coding described above. In the case of assuming conversion to a grayscale image, the robust digital signature generation means uses the feature amount extraction means to quantize the luminance signal DW.
The robust digital signature data may be generated by extracting only the T coefficient.

Further, in this embodiment, the DW after quantization is
The case where the digital signature is calculated for the T coefficient has been described in detail, but if a reversible discrete wavelet filter is used, the pixel value before the discrete wavelet transform and the DWT coefficient after the discrete wavelet transform unit 1002 may be used. Further, in JPEG2000, entropy coding is performed in subband units or bitplane units, so that it is possible to easily extract a reduced image from coded data. Therefore, the digital signature data (robust digital signature data) may be calculated for the encoded data after the entropy encoding.

As described above, in the present embodiment, the reliability of an image can be checked in stages by using a plurality of digital signatures based on image features. By using the technique described in the present embodiment, it is possible to determine the originality also from re-compression of an image, a reduced image, or a converted image to gray scale, which has been difficult to deal with in the past. In addition, J
A method for generating digital signature data (robust digital signature data) for encoded data after entropy encoding in a PEG2000 compression encoded image will be described in detail in the fifth embodiment.

<Second Embodiment> In the first embodiment,
Multi-level robust digital signature addition and verification for JPEG2000 compression-encoded images have been described. Similarly, multi-level robust digital signature addition for JPEG which is the current image compression technology standard,
Verification can be realized.

First, the outline of the JPEG compression method will be briefly described. A block diagram of the JPEG image encoding device is shown in the upper part of FIG. First, a pixel signal forming an image to be encoded is input to the image input unit 1501 for each minimum encoding unit, and its output is input to the discrete cosine transform unit 1502. Discrete cosine transform unit 15
Reference numeral 02 performs two-dimensional discrete cosine transform processing on the input image signal to calculate and output discrete cosine transform coefficients. Since the details of the discrete cosine transform are known, the description is omitted here.

Next, the quantizer 1503 quantizes the input coefficient based on the quantization table and outputs the index for the quantized value. The quantization table is an element that determines the image quality and the compression rate. The transform component input to the quantization unit 1503 is subjected to zigzag scanning after calculating the difference in the DC component, and the subsequent entropy encoding unit 15
It is output to 04. In the entropy encoding unit 1504,
According to the encoding table, the input quantized discrete cosine transform coefficient is encoded and a code stream is output. The code output unit 1505 can output a code string including the code stream to the code input unit 1506 via the transmission path.

Next, a method of decoding a bitstream by the above-described image coding device will be described. Figure 1
The lower part of FIG. 5 is a block diagram showing the configuration of the image decoding apparatus. 1506 is a code input unit, 1507 is an entropy decoding unit, 1508 is an inverse quantization unit, 1509 is an inverse discrete cosine transform unit, and 1510 is an image output unit. Is. Code input section 1
A code string 506 inputs a code string, analyzes a header included in the code string, extracts a parameter required for the subsequent processing, controls the flow of the processing when necessary, or sends the corresponding parameter to a subsequent processing unit. To do. Further, the bitstream included in the code string is output to the entropy decoding unit 1507.

The entropy decoding unit 1507 decodes the bit stream and outputs it. The reconstructed quantization index is output to the inverse quantizer 1508. The inverse quantizer 1508 restores the discrete cosine transform coefficient from the input quantization index and the quantization table 1511 read from the header. The transform coefficient is output to the subsequent inverse discrete cosine transform unit 1509. The inverse discrete cosine transform unit 1509 executes a two-dimensional inverse discrete cosine transform to restore the original image signal in the minimum coding unit from the transform coefficient. The above processing is performed for all the minimum coding units forming the original image to restore the entire original image. The image output unit 1510 outputs the restored image signal. Hereinafter, the discrete cosine transform is abbreviated as DCT and used. In the present embodiment, the block unit image corresponds to the minimum coding unit in JPEG compression, and the robust digital signature generation means 4
The DCT coefficient after quantization in JPEG compression is used for the calculation of the characteristic amount by the characteristic amount calculation means 402 in 00.

FIG. 16 shows a quantization table in JPEG compression used in this embodiment. The quantization table 1600 (the coefficient values of the quantization table are omitted) is a quantization table used for compressing an image before adding a multi-level robust digital signature. The quantization tables 1601 and 1602 are quantization tables for realizing medium compression and high compression (low image quality), respectively.
The quantization step of the part surrounded by the black frame of 02 has the same value as the quantization step of the quantization table 1600. In the present embodiment, the feature amount calculation unit 401 of the robust digital signature generation unit 400 uses the signature target J
A quantized DCT coefficient at a corresponding position in the quantization table used for compression in the PEG compressed image and a quantization table having a common quantization step in a predetermined area is extracted. Then, the digital signature generating means 402 in the subsequent stage processes the quantized DCT coefficient in the predetermined area to generate a digital signature.

The processing of the multi-level robust digital signature adding device will be specifically described below. For the JPEG compressed image file B quantized by the quantization table 1600, the multi-level robust digital signature generation means 8
00 is used to calculate the digital signature data. First, in the digital signature generation means 801, the block unit image in space (or the JPEG of the block unit image is
The entire DCT coefficient in the compression process) is processed to generate digital signature data 0. Next, the first robust digital signature generation means 802 processes the quantized DCT coefficient corresponding to the black frame of the quantization table 1601 among the quantized DCT coefficients of the JPEG compressed image file B to generate the digital signature data 1. To do. Next, in the second robust digital signature generation means 803, the JPEG compressed image file B
Among the quantized DCT coefficients of, the quantized DCT coefficient corresponding to the black frame of the quantization table 1602 is processed to generate the digital signature data 2.

The above-mentioned digital signature data 0, 1, 2 is added to a predetermined position of the image file, and an image file B'with a signature is obtained. Next, let us consider recompressing the image file B ′ to which the digital signature is added, using the quantization table 1603. This compression is not a change that significantly changes (alters) the image content.
The quantization step in the black frame of the quantization table 1603 is
It has the same value as the quantization step at the corresponding position in the quantization table 1600. As a result of the recompression, the compressed image file B ″ is generated, but it is assumed that the multi-level robust digital signature added to the predetermined position of the image file B ′ is succeeded to the image file B ″. Next, the image file B ″ recompressed using the quantization table 1603 is verified by using the multilevel robust digital signature verification device in FIG.

Inside the digital signature verification means 901, the hash value calculated from the block unit image and the hash value calculated from the digital signature read from a predetermined position of the file have different values. This is because the quantization table used for recompression and the quantization step at the corresponding position before recompression have different values, and the DCT after quantization is different.
This is because the coefficient changes.

First robust digital signature generating means 90
Inside 2, the hash value calculated from the block unit image and the hash value calculated from the digital signature read from the predetermined position of the file do not change even by recompression. This is because the quantization step in the black frame of the quantization table 1601 is the same as the quantization step at the corresponding position before recompression, and the quantized DCT coefficient does not change.

Second robust digital signature generating means 90
3, the hash value calculated from the block unit image and the hash value calculated from the digital signature read from a predetermined position of the file do not change even by recompression. This is because the quantization step in the black frame of the quantization table 1602 is the same as the quantization step at the corresponding position before recompression, and the quantized DCT coefficient does not change.

Therefore, in the reliability conversion means 904,
From the above verification results, it is possible to convert the degree of reliability to medium, although not the highest. The reliability display means 905 may display the reliability level as described above, or may display a message such as "may be recompressed, but image contents have not been tampered with" in the image file. May be displayed to the verifier.

The precautions in this embodiment will be described below. DCT in the basic JPEG format is not completely lossless. Therefore, the DCT coefficient of the compressed image is inversely DCT'ed back to the spatial image, and the DCT coefficient obtained by DCT again is not always the same as the original DCT coefficient. Therefore, in the present embodiment, the following two methods may be used for recompression.
(1) The DCT coefficient before quantization is calculated by inverse quantization from the JPEG compression coded data before recompression, and requantized again with a new quantization table to obtain the quantized DCT coefficient. (Do not use DCT and inverse DCT) (2) Use completely reversible DCT. The above is the same when the irreversible discrete wavelet filter is used in the first embodiment.

<Third Embodiment> In the first and second embodiments, verification of a multi-level robust digital signature when a compressed or reduced image is extracted from an image to which a multi-level robust digital signature is applied. Said.
In the third embodiment, a multi-level robust digital signature generation means capable of verifying the originality even when γ correction is applied to an image will be described.

In the third embodiment, as the feature amount calculation means 401 in the robust digital signature generation means 400,
The feature amount calculating means 1700 shown in FIG. 17 is used. The feature amount calculation means 1700 comprises a differential filter 1701 and a quantization means 1702. First, the block unit image input to the feature amount calculation means 1700 is a differential filter 1701.
Is processed in. The differential filter is a filter typified by a Laplacian filter that calculates a difference from surrounding pixel values. The differential filter 1701 outputs the differential image of the processing result to the quantizing means 1702 at the subsequent stage. Next, the quantizing means 1702 quantizes the edge-enhanced differential image obtained in the previous stage, and outputs the image feature amount.

The internal processing in the robust digital signature generation means 400 in the third embodiment will be described below with reference to FIG. The image 1800 is an image for which robust digital signature data is calculated.
An image 1801 is an image in which γ correction is performed on 0 to make it easy to understand the image characteristics. Reference numeral 1804 shows a graph in which the relationship between the pixel values and the spatial positions of the images 1800 and 1801 is briefly shown in one dimension by a broken line and a solid line, respectively. 1804 shows that the image 1800 has little change in pixel value and the image feature is difficult to grasp.

Next, the images resulting from the differential filter are applied to the images 1800 and 1801, respectively.
1802 and 1803. As a result of the differential filter, it can be seen that the portion where the change in pixel value is large is emphasized.
Next, a graph in which the relationship between the differential value of the differential image 1802 and the differential image 1803 and the spatial position is shown in a one-dimensional manner by a broken line and a solid line is shown in 1805. The differential image 1803 has a larger differential value. Finally, 1805
On the other hand, it is understood that the same quantized data can be obtained by performing the quantization using an appropriate quantization parameter. That is, it is possible to generate a robust digital signature that does not change even with respect to the image 1801 obtained by gamma-correcting the image 1800. When a multi-level robust digital signature is generated using the feature amount calculation means 1700, as in the first and second embodiments,
The quantization parameter used by the quantizing means may be different for each robust digital signature generating means. With the above configuration, it is possible to verify the originality of the image data and the presence or absence of tampering with the multi-level robust digital signature even for the image subjected to the γ correction.

<Fourth Embodiment> In the fourth embodiment,
This paper describes image editing software that edits image data to which multi-level robust digital signature data is added to maintain originality.

FIG. 19 is a diagram showing the operation of an application for processing / editing a JPEG and JPEG2000 compression-encoded image having a multi-level robust digital signature. The application moves to step 1901 when the user gives a processing / editing instruction,
The following processing is executed. In step 1902, it is recognized that there is multi-level robust digital signature data at a predetermined position in the image file, and the multi-level robust digital signature data is read. Next, in step 1903, it is confirmed to the user whether the originality is maintained and the image is processed / edited. If the originality is to be maintained, the flow advances to step 1904 to read the quantization table from a predetermined position in the image file. At this time, the other quantization tables used for generating the robust digital signature are also read out.

This is because in order to recompress (reduce) the compression-coded image to which the multi-level robust digital signature has been applied while maintaining the signature, it is necessary to know the range in which the robust digital signature does not change. . Next, in step 1905, the application determines the quantization table that is considered not to lose the signature. Next step 19
At 06, the user is confirmed as to the quantization table that does not lose the decided signature. Next, in step 1907, recompression (or reduction) is performed based on the determined quantization table. Then, the procedure goes to step 1908.

If the digital signature is not maintained in step 1903, the flow advances to step 1909 to input user-specified parameters. Next, the process proceeds to step 1910, and recompression (or reduction) is performed using the user-specified parameter.

Next, step 1908 verifies the signature, verifies that the multi-level robust digital signature is still maintained, and displays the result. Finally, in step 1911, the multi-level robust digital signature data is added to a predetermined position of the new image file. Here, several methods can be considered for the multi-level robust digital signature data in step 1911. For example, in the case of recompressing an image file, the multi-level robust digital signature data before recompression may be directly taken over to a predetermined position of the recompressed image file. In this case, the level of reliability can be determined stepwise by taking advantage of the characteristics of the multi-level robust digital signature data.

On the other hand, when the image editing software of this embodiment is used to obtain the reduced images 1402 and 1403 as shown in FIG. 14, the reduced images are selected from the multi-level robust digital signature data. It is also possible to take the form in which only the robust digital signature data corresponding to is taken over to a predetermined position of the edited image file,
The robust digital signature data corresponding to the reduced image and the robust digital signature data of the reduced image smaller than that may be taken over. In this case, it is not possible to judge the level of reliability stepwise, but it is sufficiently effective for the purpose of confirming the verification of the originality of the reduced image data, and all the multi-level robust digital signature data before image editing It seems not necessary to take over.

Further, in the image editing software of the present embodiment, a comment, a flag, and the contents of the change indicating that the digital file with the changed multi-level robust digital signature data has been changed to maintain the signature. May be inserted at a predetermined position in the file. In the comment, the address (URL) on the network where the pre-change multi-level robust digital signature data exists
Etc.) may be described. The comment has the effect of clearly indicating to the verifier that the data before the change of the multi-level robust digital signature exists, and the verifier should obtain the data with a high-definition multi-level robust digital signature as necessary. Will also be possible.

<Fifth Embodiment> In the first embodiment,
The case where the quantized DWT coefficient of the JPEG2000 compression-encoded image is input to generate the robust digital signature data has been described in detail, but in the present embodiment, JPEG is used.
The case of inputting the encoded data of the 2000 compression encoded image and generating the robust digital signature data will be described in detail.

FIG. 21 is a schematic diagram showing the structure of a code string without spatial scalability / ROI in JPEG2000. FIG. 1A shows the overall structure of the code string, where MH is a main header, TH is a tile header, and BS is a bit stream. The main header MH is, as shown in FIG. 7B, the size of the image to be encoded (the number of pixels in the horizontal and vertical directions), the size when the image is divided into tiles that are rectangular areas, and each color component. It is composed of the number of components indicating the number, the size of each component, and the component information indicating the bit precision.

Next, the structure of the tile header TH is shown in FIG. 6 (c). The tile header TH includes a tile length including a bit stream length and a header length of the tile, and an encoding parameter for the tile. The coding parameters include the level of discrete wavelet transform, the type of filter, and the like.

The structure of the bit stream is shown in FIG. In the figure, the bit stream is collected for each sub-band, and the sub-bands with smaller resolutions are arranged at the top in order of increasing resolution. further,
Within each subband, codes are arranged in units of bit planes from the upper bit plane to the lower bit plane. With the above code array, it is possible to perform hierarchical decoding in which the resolution is spatially increased.

Actually, the above-mentioned bit stream is constructed in packet units. A packet is a set of coding paths divided by each precinct at each subband level in each layer in each color, and a bitstream (tile encoded data) is configured with this packet as a unit.

Here, the code block, coding path, layer, and precinct will be briefly described. A code block is a unit of coding in which each subband is divided into rectangles. A coding pass is a unit for entropy coding (binary arithmetic coding) a bit plane. A layer is a set of coding passes across subbands that belong to one or more codeblocks.
The precinct is a set of data that holds the same area in the original image. The compression encoding method of JPEG2000 is already well known, and a detailed description thereof will be omitted here.

In JPEG2000 compression coded data,
The data area of the packet corresponding to LL, HH2, and HH1 in the entropy-coded data can be specified by checking the packet header that describes the size of the packet that is present in the main header, tile header, or the like.
Therefore, LL encoded data in the bitstream for each tile, LL to HH2 encoded data, LL to HH
If digital signature data is generated for encoded data up to 1, 1/16 reduced image, 1 /
It is possible to generate a multi-level robust digital signature for 4 reduced images and full size images.

In this case, although the image content does not change when the entropy coding method changes, the robust digital signature data changes and is judged to be tampered, but the CPU is weaker than the PC. Even such digital cameras / digital video cameras can generate multi-level robust digital signature data at high speed. The generated multi-level robust digital signature data is added to a predetermined position of the file together with the information of the corresponding tile position and sub band.

In the present embodiment, the case where the coded data is arranged in the space scalable is described, but similarly, the multi-level robust digital signature data can be generated even in the SNR scalable or the like. Further, it is possible to generate the multi-level robust digital signature data not only for the reduced image but also for the luminance of each reduced image by utilizing the characteristics of the JPEG2000 compression coded data. In addition, by analyzing the packet header, even if the encoded data is arranged in SNR scalable, the multilevel robust digital signature data of the 1/16 reduced image, the 1/4 reduced image, and the full size image can be obtained. It can also be generated and vice versa.

In the above, the first, second, third, fourth and fifth embodiments have described the addition / verification of the multi-level robust digital signature to the digital image data. However, the present embodiment does not limit the addition / verification target of the multi-level robust digital signature to digital image data. Since the moving image data can be considered as a collection of two-dimensional image data in the time direction, the principle of this embodiment can be applied. Further, with respect to voice data, the addition and verification of multi-robust digital signature data can be applied by replacing the processing of two-dimensional image data with one-dimensional processing.

FIG. 20 is a block diagram showing the arrangement of a computer for verifying a multi-level robust digital signature in the information processing apparatus according to this embodiment. In FIG. 20, a CPU 2 which is a component of the present apparatus
011, RAM 2012, ROM 2013, display control unit 2014, connection I / O 2017 of operation input device such as device keyboard and mouse, connection I / O 2019 of external storage device, image input device such as digital camera / digital video camera / image scanner The connection I / O 2022 and the interface unit 2023 with another computer system are connected to the bus 2020.

Further, the digital camera 2021 is connected to the image input device via the communication cable 2003 and is connected to the I / O unit.
It is connected to O2022. In addition, the display 20
Reference numeral 15 is connected to the display control unit 2014. Furthermore, an operation input unit 201 such as a keyboard or a mouse
6 is connected to the connection I / O 2017 of the operation input device. Furthermore, the external storage device 2018 such as a hard disk device is a connection I / O 2019 for the external storage device.
Connected to.

The information processing apparatus for verifying the multi-level robust digital signature described in the first, second, third, fourth and fifth embodiments is stored in the ROM 2013 in advance as a computer executable program. After the program is stored and read in the RAM 2012, or after the program stored in the external storage device 2019 in advance is read in the RAM 2012, or the program is downloaded through the interface unit 2023 with a communication unit such as a network. Then, after reading in the RAM 2012, the CPU 20
This embodiment is implemented by executing the program according to 11.

If the target of verification of the multi-level robust digital signature is an image, the digital camera 202
1 or input using an input device such as a digital video camera instead of the digital camera. And
The input image is sent to the RAM 20 through the connection I / O 2022.
12 is stored inside, or is stored in the external storage device 20.
18 through connection I / O 2019, RAM2
012 or the RAM 2012 through a communication means 2023 such as a network.

When the target of verification of the multi-level robust digital signature is a voice signal, it is input using a voice input device such as a microphone instead of the digital camera 2021 in FIG. The input voice is stored in the RAM 2012 through the connection I / O 2022, or the connection I / O 201 is stored through the external storage device 2018.
R is stored in the RAM 2012 through the communication unit 9 or through the communication means 2023 such as a network.
It is stored inside the AM 2012.

When the target of verification of the multi-level robust digital signature is moving image data, it is input using an input device such as a digital video camera instead of the digital camera 2021 in FIG. The input moving image is stored in the RAM 2012 through the connection I / O 2022, or is stored in the RAM 2012 through the connection I / O 2019 from the external storage device 2018, or the communication means 20 such as a network.
The data is stored in the RAM 2012 through 23. still,
The verification of the multi-level robust digital signature is controlled through input from the keyboard & mouse 2016 or communication means 2023 such as a network.

In the information processing apparatus according to the present embodiment, the generation / addition of the multi-level robust digital signature may be performed within the digital camera / digital video camera 2021 immediately after the digital data is captured by using a dedicated hardware circuit. . Alternatively, a computer having a configuration similar to that of FIG. 20 inside the digital camera / digital video camera 2021 may generate / add the multilevel robust digital signature. Even if this embodiment is applied to a system including a plurality of devices (for example, a host computer, an interface device, a reader, a printer, etc.), a device including one device (for example, a copying machine, a facsimile device, etc. ) May be applied.

Further, an object of the present invention is to supply a recording medium (or storage medium) recording a program code of software for realizing the functions of the above-described embodiments to a system or apparatus, and to supply a computer of the system or apparatus ( Alternatively, the CPU or MPU) reads and executes the program code stored in the recording medium,
It goes without saying that it will be achieved. In this case, the program code itself read from the recording medium realizes the function of the above-described embodiment, and the recording medium recording the program code constitutes the present embodiment. Further, by executing the program code read by the computer, not only the functions of the above-described embodiment are realized, but also an operating system (OS) running on the computer is executed based on the instruction of the program code. It goes without saying that a case where some or all of the actual processing is performed and the functions of the above-described embodiments are realized by the processing is also included.

Further, after the program code read from the recording medium is written in the memory provided in the function expansion card inserted into the computer or the function expansion unit connected to the computer, based on the instruction of the program code, , The CPU provided in the function expansion card or the function expansion unit performs some or all of the actual processing,
It goes without saying that the processing includes the case where the functions of the above-described embodiments are realized. When this embodiment is applied to the recording medium, the recording medium stores the program code corresponding to the flowchart described above.

According to this embodiment, a plurality of different characteristic amounts are calculated from digital data, a digital signature is generated from the characteristic amounts, and the digital signature data is added to a predetermined position of a file storing the digital data. However, it is possible to prove the originality of the digital data when the content of the digital data is essentially unchanged, and to enhance the convenience of the digital file to which the digital signature is added.

The above-mentioned embodiments are merely examples of the implementation of the present invention.
The technical scope of the present invention should not be limitedly interpreted by these. That is, the present invention can be implemented in various forms without departing from its technical idea or its main features.

[0112]

As described above, according to the present invention,
Calculate different feature quantities from digital data,
A digital signature is generated from the feature quantity. Further, the digital signature data is added to a predetermined position of a file storing the digital data. As a result, for processing and editing in which the contents of digital data are essentially unchanged,
The originality can be proved, and the convenience of the digital file to which the digital signature is added can be improved.

[Brief description of drawings]

FIG. 1 is a block diagram showing an internal process of a digital signature generation means.

FIG. 2 is a block diagram showing an internal process of a digital signature verification device.

FIG. 3 is a diagram showing image data showing an example of digital data.

FIG. 4 is a block diagram showing an internal process of a robust digital signature generation means.

FIG. 5 is a block diagram showing an internal process of the robust digital signature adding apparatus.

FIG. 6 is a block diagram showing an internal process of the robust digital signature verification device.

FIG. 7 is a block diagram showing the internal processing of the multi-level robust digital signature adding apparatus.

FIG. 8 is a block diagram showing the internal processing of a multi-level robust digital signature generation means.

FIG. 9 is a block diagram showing the internal processing of a multi-level robust digital signature verification device.

10 is a diagram showing an example of a display result of the reliability display means of FIG.

FIG. 11 is a block diagram showing the internal processing of JPEG2000 image compression encoding / decompression decoding.

FIG. 12 is a diagram illustrating a result of discrete wavelet transform.

FIG. 13 is a diagram showing an example of a quantization table used by the quantization unit in FIG. 11.

FIG. 14 is a diagram showing the spatial scalability of JPEG2000.

FIG. 15 is a block diagram showing an internal process of JPEG image compression encoding / decompression decoding.

16 is a diagram showing an example of a quantization table used by the quantization unit in FIG.

FIG. 17 is a block diagram showing an internal configuration of a feature amount calculation means in the third exemplary embodiment.

FIG. 18 is a diagram for explaining the processing of the feature amount calculation means in the third exemplary embodiment.

FIG. 19 is a flowchart for explaining processing of image editing software according to the fourth embodiment.

FIG. 20 is a diagram showing an internal configuration of a computer.

FIG. 21 is a schematic diagram showing the configuration of a code string without spatial scalability / ROI in JPEG2000.

[Explanation of symbols]

400 Robust digital signature generation means 401 feature amount calculation means 402 digital signature generation means 800 Multi-level robust digital signature generation means 801 Digital signature generation means 802 First robust digital signature generating means 803 Second robust digital signature generating means

Continued front page    F term (reference) 5B057 CB19 CD05 CE08 CE09 CG01                       CG07 CG09                 5C076 AA14 BA06                 5J104 AA09 LA03 NA12

Claims (22)

[Claims] 1. An information processing device for generating a plurality of signature data from digital data for verifying digital data, comprising: a feature amount calculating means for calculating a plurality of different feature amounts for the digital data. A hash function generating unit that calculates a plurality of hash data from the plurality of different feature amounts; and a signature data generating unit that performs a predetermined operation on the plurality of hash data to generate a plurality of signature data. An information processing device characterized by the above. 2. The information processing apparatus according to claim 1, wherein the predetermined operation is an operation using a secret key in a public key cryptosystem. 3. An information processing device for verifying digital data using a plurality of signature data, comprising: a feature amount calculating means for calculating a plurality of different feature amounts from the digital data; and a plurality of the different features. Hash function generation means for calculating a plurality of first hash data from the amount, signature data input means for inputting a plurality of initial generation signature data relating to the digital data, and predetermined for the plurality of initial generation signature data Signature verification calculation means for performing calculation to generate a plurality of second hash data, comparison means for comparing the plurality of first hash data and second hash data, and outputting a comparison result, the comparison result And a multi-step level display means for displaying the verification result of the digital data in multi-step levels. Information processing device. 4. The information processing apparatus according to claim 3, wherein the predetermined operation is an operation using a public key in a public key cryptosystem. 5. The information processing apparatus according to claim 1, wherein the different characteristic amounts are obtained from coefficient values of different frequency bands of frequency coefficients obtained by frequency-converting the digital data. 6. The different feature amount is obtained from quantized values of different frequency bands of frequency coefficients obtained by frequency-converting the digital data.
The information processing device according to 1. 7. The information processing apparatus according to claim 1, wherein the different feature amounts are obtained from encoded data obtained by compression-encoding the digital data. 8. The information processing apparatus according to claim 1, wherein the different feature amount is obtained from a quantized value of differential digital data obtained by differentiating the digital data. 9. The information processing apparatus according to claim 5, wherein the frequency transform includes a discrete cosine transform. 10. The information processing apparatus according to claim 5, wherein the frequency transform includes a discrete wavelet transform. 11. An information processing apparatus for modifying digital data of a digital file containing digital data and signature data for verifying digital data, wherein a plurality of signature data is provided from a predetermined position of the digital file. A signature data reading unit for reading a parameter, a parameter reading unit for reading a parameter of the digital data from a predetermined position of the digital file, and a changing parameter for determining a parameter that can verify the originality of the digital data using the parameter Determining means, modifying means for modifying the digital data while maintaining the originality of the digital data according to the modifying parameter, and adding all or part of the signature data to a predetermined position of the modified digital file. Do The information processing apparatus characterized by comprising a fit of signature data adding means. 12. The signature data adding means includes inserting a comment or flag indicating that a change has been made to the digital file or a description of the change content into a predetermined position of the changed digital file.
The information processing device according to 1. 13. The information processing apparatus according to claim 12, wherein the comment includes a network address indicating a location of the digital file before being changed. 14. An information processing method for generating a plurality of signature data from digital data for verifying digital data, comprising a feature amount calculating step of calculating a plurality of different feature amounts for the digital data. A hash function generating step of calculating a plurality of hash data from the plurality of different characteristic amounts; and a signature data generating step of performing a predetermined operation on the plurality of hash data to generate a plurality of signature data. An information processing method characterized by the above. 15. An information processing method for verifying digital data using a plurality of signature data, comprising: a feature amount calculating step of calculating a plurality of different feature amounts from the digital data; A hash function generating step of calculating a plurality of first hash data from the feature amount; a signature data inputting step of inputting a plurality of initial generation signature data relating to the digital data; and a predetermined value for the plurality of initial generation signature data. And a signature verification calculation step of generating a plurality of second hash data, a comparison step of comparing the plurality of first hash data and the second hash data, and outputting a comparison result; Multi-step level display step for displaying the verification result of the digital data at multi-step levels based on the result An information processing method comprising: 16. An information processing method for modifying digital data of a digital file including signature data and digital data, the signature data reading step of reading a plurality of signature data from a predetermined position of the digital file. A parameter reading step for reading a parameter of the digital data from a predetermined position of the digital file; a change parameter determining step of determining a parameter that can verify the originality of the digital data using the parameter; According to the modification, a modification step of modifying the digital data while maintaining the originality of the digital data, and signature data for adding all or part of the signature data to a predetermined position of the modified digital file The information processing method characterized by comprising a pressurizing step. 17. A computer program for controlling an information processing apparatus for generating a plurality of signature data from digital data for verifying digital data, the computer program comprising a plurality of different feature amounts for the digital data. A feature amount calculating step of calculating, a hash function generating step of calculating a plurality of hash data from the plurality of different feature amounts, a predetermined operation is performed on the plurality of hash data, and a plurality of signature data is generated. A program for causing a computer to execute the signature data generation step. 18. A computer program for controlling an information processing device for verifying digital data using a plurality of signature data, the feature amount calculating step of calculating a plurality of different feature amounts from the digital data. A hash function generating step of calculating a plurality of first hash data from the plurality of different feature amounts; a signature data inputting step of inputting a plurality of initial generation signature data relating to the digital data; and a plurality of initial generation signatures. A signature verification calculation step of performing a predetermined calculation on the data to generate a plurality of second hash data, and comparing the plurality of first hash data and the second hash data, and outputting a comparison result. A comparison step, and based on the comparison result, a verification result of the digital data is displayed in a multi-level A program for causing a computer to execute the multi-level display step and the multi-level display step. 19. A computer program for controlling an information processing apparatus for modifying digital data of a digital file including signature data and digital data, the signature data including a plurality of signature data from a predetermined position of the digital file. Reading the signature data, reading the parameters of the digital data from a predetermined position in the digital file, and using the parameters to change the parameters that determine the originality of the digital data. A determination step; a modification step of maintaining the originality of the digital data according to the modification parameter to modify the digital data; and a digital file after modification of all or part of the signature data. Program for executing of the signature data adding step for adding a predetermined position on the computer. 20. A computer-readable recording medium in which the program according to claim 17 is recorded. 21. A computer-readable recording medium in which the program according to claim 18 is recorded. 22. A computer-readable recording medium in which the program according to claim 19 is recorded.